Featured Slideshow

In a Dallas courtroom on Thursday, writer and activist Barrett Brown was sentenced to 63 months in prison and was ordered to pay a little more than $890,000 in restitution and fines, according to reports.

Featured Spotlight

For the security industry, the tide is shifting. Executives and boards are recognizing future ROI benefits in beefing up security when alerted to the potential of a three to five percent sales decline following a data breach.

Retail, food service industry top target of fraudsters

The retail and food service industries are the top targets for attackers due to the troves of consumer data they collect – and the fact that their systems often are inadequately protected, a security firm has found.

On Tuesday, Trustwave released its “2013 Global Security Report,” which found that the retail industry, particularly the e-commerce transactions that merchants process, were the primary targets of cyber criminals in 2012, followed by the food-and-beverage industry.

Trustwave said the retail sector made up 45 percent of data breach investigations it conducted, marking a 15 percent increase from 2011. The food-and-beverage industry was responsible for 24 percent of incident investigations.

“E-commerce and food and beverage were vying for the number one spot in attacks, and have for several years,” Pogue said. “It's mainly because of the proliferation of data exchanged and [everyone] is using their credit cards.”

In addition, workers in the sector are often more focused on customer service than data security and assume they won't be the target of fraudsters, according to the report.

In many cases, these businesses rely on third-party providers for IT support, and these vendors are the ones that introduce the security vulnerabilities – commonly weak or reused passwords for remote access, improperly configured firewalls or unpatched software – that lead to the breaches. In other cases, the merchants mistakenly believe these providers are responsible for certain security measures, which leads to them never being implemented.

SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.